Heyy Devs.. I'm creating an Android app using firebase in which phonenumber authentication is required. But I want to use my own otp verification system..
is it possible to create users in firebase by using our own otp verification system.
You can use the Firebase Admin SDK to manage user accounts that you authenticate any way you want on your backend. You can create custom tokens for them for your frontend.
You won't be able to do any of this without custom backend support that you manage for your app.
Related
I have implemented an Android application where the user can register to a webserver and log in with an e-mail address and a chosen password to the app. In the app, the user can use all the app features. One feature should be a chat application.
I thought about realizing the chat app with Firebase Realtime Database. To protect the access, I thought about authentification as an access rule for the database. In general, the registration would be linked to the Firebase authentication. As I have my own registration and login, I would like to ask if there is an option to use my own login data for authentification. And can it be linked to the Firebase Realtime Database?
As I have my own registration and login, I would like to ask if there is an option to use my own login data for authentification. And can it be linked to the Firebase Realtime Database?
You can use your own authentication, but if you want to sign in to Firebase, you need to create a custom token. Once you do that, you'll be able to write security rules.
Using Firebase as DB for the app only.
I would like to use Firebase to store data that is global for all users. User authentication is not required to access those data.
So, all user's will be able to access same data. For example "news articles" are same for all users. Users don't need to authenticate to access the news.
How can I setup android application to access Firebase data securely for all users?
By "securely", I mean I don't want to bundle credentials to access the DB with the app. Otherwise, anybody can access the data and wipe it or corrupt it.
Based on quick investigation, I found there might be 2 ways:
Firebase REST API
Using Firebase REST API and service account token to access the Firebase data.
Firebase Auth
Use one of the auth schema. For example use email & password auth or custom auth with custom token.
I would assume both of them require me to bundle the secret password or token with the application.
Has anybody designed app with such use-case? Any pointers would be appreciated.
Firebase Authentication doesn't require any bundling of anything. Your users provide their own credentials. Google Play services on the device provides the security that only your app signed with your signing key may receive the token that authorizes the users to perform the actions on the data that you decide through security rules.
I have been searching for a while as to what could be the best option to integrate real-time messaging in my app. I have read about a number of available chat APIs like Sinch, Applozic, Quickblox, SendBird, etc. What I am confused about is that since I am using Firebase Auth for user authentication, can I use these available API along with Firebase Auth??? I know I can even use Firebase to create IM feature but I would prefer to use third party IM APIs as it will save time.
Note: I am using Firebase Real-time Database as well to store user data.
Can anyone suggest me the best option in this case???
It is possible to use both Firebase and Quickblox. Use Firebase to handle the authentication and use the FirebaseUser object to create a QBUser for your quickblox implementation. Hope this helps.
As Norris pointed out in his answer, it is possible to use Firebase and QuickBlox, but QuickBlox requires client app to authorize with user_id and password. Since you can only get user_id from FirebaseUser object, but not the password (explained here: Firebase/Swift 2 - How to get an authenticated users password and email), you could programmatically generate new unique password just for QuickBlox authorization and keep it stored together with other user data at Firebase Real-Time database. The user doesn't need to know this password, you just use it in your client-side code when you wish to authorize with QuickBlox API.
SendBird has simple and powerful Android SDK which runs very well with any types of user authentications.
SendBird only requires "user_id" to create a chat account and it should be super easy to integrate SendBird with Firebase by just using Firebase user unique id as SendBird "user_id".
Does Firebase provides any plugin for the same or is planning for in future..? I intend to use phone numbers for my users authentication instead of Facebook/Google login.
i'm creating an android app, which requires some authentication system. I want to have 3 options to log in users: mail&password, facebook login and anonymous access (in case of anonymous i'll create some kind of anonymous account, so user'll be able to give his credentials later and secure his account with 'normal' password).
I'll also have my own webservice for this app. Webservice is in fact the most crucial part and android app will just show data from WS and put some new data on it.
I'll be using Firebase for handling notifications.
My question is: should i use Firebase authentication in this scenario or maybe it's better to stay with own authentication system? If i use Firebase i still need to have users in my database (webservice requires some info about users).
Is firebase authentication good choice for project like that?
Even in the case of Firebase where we use firebase authentication and the firebase database together, only a few details of user(user id, login email or number, provider details etc) are available under the Authentication tab. The rest of the details we receive after login and other custom user information we collect from the app have to be saved in the Firebase database.
So even if you have another Web service instead of using Firebase Database, you can use Firebase Authentication. There are definitely great advantages if you use Firebase Authentication.
Save time on developing Webservice methods for authentication :
Instead, you can just have a method to store user information after the user authenticates with Firebase. Also, there is considerable time saved since you can avoid developing server-side methods for different kinds of token verification in case you want to add social logins like Facebook and Google.
All that will be handled efficiently with Firebase.
Detailed Analytics: Also with Firebase authentication, you can also get good analytics and demographic information of users.
You don't have to use Firebase authentication in order to use FireBase Push Notifications, Invites, etc.
That's one of the beauties of Firebase; you can choose which service to use.
Since everything is built already, I would continue to use your own Auth system
You can save all users, and you can authenticate with Google, Facebook, only email.
It's like a database online and it's easy to connect with the same at Android Studio and after you can login with the users.